Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
PRECISE. PROVEN. PERFORMANCE.www.moorestephens.co.uk
Launch of the SM&CR and the interaction with MiFID II29 June 2017
Agenda
1. Introduction - Kelly Sheppard, Partner
2. Overview of the SM&CR - Teresa Mazur, Associate Director
3. SM&CR: banana skins - Andrew Jacobs, Director
4. Governance and organisational requirements: MiFID II interaction with
the SM&CR - Giovanni Giro, Senior Manager
5. Conclusion - Kelly Sheppard, Partner
PRECISE. PROVEN. PERFORMANCE.
Introduction
www.moorestephens.co.uk
Kelly Sheppard, Partner
Introduction
• Survey results
– 54% of firms have done some high level planning in respect of
the SM&CR
– 88% of firms are not sure that they will be ready for MIFID II
on 3 January 2018
• It is anticipated that some 52,000 firms will come under the
new SM&CR and some 92,000 individuals will now need to
be registered.
PRECISE. PROVEN. PERFORMANCE.
Overview of SM&CR
Teresa Mazur, Associate Director
www.moorestephens.co.uk
Why SM&CR was introduced
• SM&CR is an accountability framework. It was put in place
following a review by the Parliamentary Commission on Banking
Standards (PCBS), on professional standards and culture in the
UK banking sector
• Improving standards within relevant firms is important to restore
trust in financial services
• The existing Approved Persons regime operates purely as a
gateway
• SM&CR does not change firms’ corporate responsibility
Why individual accountability matters
• Clarity for firms and regulators about each senior manager’s responsibilities
• Important part of the regulators’ drive to raise standards of individual conduct across
the financial services industry
• Linked to the FCA’s Business Plan 2017/18 priority ‘Firms’ culture and governance’:
• Senior managers need to ensure that their firm’s business processes, people and
other drivers of culture support and reinforce a culture that works in the long-term
interests of the firm, its customers and market integrity
Outcomes we seek…
Firms develop a culture of accountability at all levels and senior individuals are fully responsible and accountable for clearly defined business activities and material risks…
PRECISE. PROVEN. PERFORMANCE.
Extending the regime: who, when & how
www.moorestephens.co.uk
Which firms are affected
Current regimes
• SM&CR applies to UK banks, UK branches of foreign banks, building societies, credit unions
and PRA designated investment firms
• Fewer of the Senior Managers Regime requirements apply to firms with gross total assets of
£250m or less
• Senior Insurance Managers Regime applies to (re)insurers
•Extending the regime
• The SM&CR will be extended to apply to all financial services that fall under FSMA
• The intention is for the extended regime to become effective in 2018
Which individuals are affected
Element of SM&CR Impacted staff and directors
Senior Managers Regime • Performs key role, eg, CEO, CFO, Chairman
• Holds key function – has overall responsibility for a whole area of the
firm
• Including NEDs excluding Notified NEDs
Certification Regime • Material Risk Taker / Significant Harm Function
• Previous Significant Influence Function
• CF30 with a qualification
• Line manager of Certified Person
Conduct Rules • All employees and directors other than ancillary staff
How and when?
• The PRA and FCA are consulting on how SM&CR will be adapted and applied to the diverse
range of regulated firms
• Proportionate application of SM&CR to reflect the size and complexity of firms
The Bank of England and Financial Services Act 2016 extends the SMCR to all sectors of the financial services industry. It also allows us to apply all elements of the regime to insurers. We intend that our extended regime will be clear, simple and proportionate. During Q2 of this year we will be consulting widely with industry, firms and consumers on our proposals. We expect implementation to begin from 2018.
SMCR: One year on – FCA news – March 2017
PRECISE. PROVEN. PERFORMANCE.
Key elements of the current regimes
www.moorestephens.co.uk
Key elements of SM&CR
• Identify and allocate Senior Management
Functions (SMF) to named individuals
• Lighter touch for small firms
• ‘Statement of responsibilities’ (SoR) setting out
each Senior Manager’s specific responsibilities
• ‘Responsibilities map’ describing
management and governance arrangements
in comprehensive detail, including non-UK
and non-regulated activities
Senior Managers
Regime
Key elements of SM&CR
• Senior Managers required to take
‘reasonable steps’ to prevent regulatory
breaches in their areas of responsibility
• Burden of proof lies with the regulators
• Outgoing Senior Manager to take reasonable
steps to ensure an orderly handover
Senior Managers
Regime
Duty of responsibility
Key elements of SM&CR
• Certify as ‘fit and proper’ any individual who
performs a function that could cause
‘significant harm’ to the firm or its
customers
• Ongoing firm assessment of fitness and
propriety – at recruitment stage and annually
• Reassess if function changes
• Regime allows for up to four weeks’ cover
where the role does not require qualifications
Certification
Regime
Key elements of SM&CR
• Personal characteristics (including good
repute and integrity)
• Competence, knowledge and experience
• Relevant qualifications
• Appropriate training
• Due diligence evidence to include:
– past business conduct references/
regulatory references
– criminal records checks
Certification
Regime
‘Fit and proper’ assessment
Key elements of SM&CR
Individual Conduct Standards
• You must act with integrity
• You must act with due skill, care and diligence
• You must be open and cooperative with the
regulators
Additional FCA Conduct Rules
• Pay due regard to the interests of customers
and treat them fairly
• Observe proper standards of market conduct
Conduct Rules
First tier – applies to all
employees (excl. ancillary support
staff)
Consistent with current Statements of Principle for Approved Persons
Key elements of SM&CR
• You must take reasonable steps to ensure that the
business of the firm for which you are responsible is
controlled effectively
• You must take reasonable steps to ensure that the
business of the firm for which you are responsible
complies with the relevant requirements and
standards of the regulatory system
• You must take reasonable steps to ensure that any
delegation of your responsibilities is to an
appropriate person and that you oversee the
discharge of the delegated responsibility effectively
• You must disclose appropriately any information of
which the FCA or the PRA would reasonably expect
to have notice
Conduct Rules
Second tier – Senior Manager rules
PRECISE. PROVEN. PERFORMANCE.
How the extended regime will affect
your firm
www.moorestephens.co.uk
How the extended SM&CR might look
• The framework of the regime will be the same as the existing SM&CR – the
detail will be subject to consultation due later this year
• The duty of responsibility will apply to all firms (as per the FCA’s Policy
Statement PS17/9)
• SMF holders will still require regulatory approval
• Anticipated that Notified NEDs will not need SMF approval
• Anticipated that current customer facing CF30 approved persons will no
longer require SMF approval. May need to be certified
• Grandfathering over of current Approved Persons is likely, given how the
existing regime was implemented
How the extended SM&CR might look
like
• Implementation of the SMCR might be phased, as it was for banks
• Anticipated that small firms will be subject to fewer of the SM&CR
requirements or at least a watered down version – uncertain what this will
look like in practice
• Regulatory references will probably be required for Senior Managers and
certified staff
• Firms will almost certainly be required to train staff on the Conduct Rules
• We will probably see more disciplinary action by regulators against
individuals who are Senior Managers
PRECISE. PROVEN. PERFORMANCE.
How firms can prepare for the
extended regime
www.moorestephens.co.uk
To start now...
• Categorise staff
• Allocate individual
responsibilities
• Statements of responsibilities
• Responsibilities map (smaller,
less complex firms will have
simpler maps)
Management & governance arrangements
Senior management
& their responsibilities
Reporting lines
Allocation of responsibilities
How management & governance arrangements fit within the
group
Responsibilities map includes:
Diagram extract from FCA’s ‘Strengthening Accountability in Banking’ slides – June
2015
How all
this fits
together
HR, Compliance & Legal need to
be involved from the outset
Plan for other tasks…• ‘Fit and proper’ assessments
• Staff training:
– Conduct Rules – virtually all staff
– Maintaining fitness & propriety of staff who will fall under the Certification Regime
• Contractual considerations:
– Employment contracts
– Staff handbook, internal codes of ethics/conduct
• Breach reporting
• Leavers:
– Provision of regulatory references
– Handover procedures for senior managers
• Ensure adequate resourcing – HR, Compliance and Legal (particularly HR who will have ongoing
increased workload)
Conclusion – Be prepared!
• Forewarned is forearmed:
– We know the extension of SM&CR is coming
– We know that, as a minimum, the basics of the current regime for banks
will apply across all firms
– SM&CR extension will mean significant change for most affected firms –
implementation and on-going compliance
– Get your project team together – include HR, Compliance and Legal
– Plan your work-streams and timescales
– Ensure adequate resourcing for implementation and the future –
especially HR
Start now - don’t wait until the FCA consultation has been completed!
PRECISE. PROVEN. PERFORMANCE.
SM&CR: banana skins
Andrew Jacobs, Director
www.moorestephens.co.uk
Ongoing Individual
Accountability
Senior Managers Regime
Certification regime
Conduct Rules
SM&CR: composition
• Practical experiences
• Findings documented in FS 16/6,
16/7 & 16/8
• Learnings from our clients
• Best practises from peers and
regulators
• “..the Senior Managers regime is firm
wide issue for firms”
Andrew Bailey, June 2016
The common banana skins
1. Detail: insufficient detail to delineate the scope of an individuals responsibilities,
the specifics of responsibility
2. Lack of clarity: Responsibility Maps unclear about who is the most senior
person with responsibility and confused about non-executive oversight
3. Incompleteness: aspects of responsibility sharing are not adequately addressed
4. Lack of transparency: group considerations
5. Dynamic in nature: firm’s arrangements not reviewed and updated regularly or
ongoing certification and notification requirements were overlooked
Examples of where detail has been
missed
Not identifying all business activities
Issues with job titles
Confusion re. Notified Non Executives
Overreliance on SYSC 4 Annex 1G
Confusion re. Non-Executive Oversight
Inconsistencies between documentation
Failure to meet ‘practical and useable’ guidelines - SYSC 10C.11.25G
1) ExCo example
SYSC 4.7 (5-8R & 13G):
• Requirement to allocate prescribed
senior management responsibilities to
one or more senior managers of the
firm and must make clear the
allocation of the above, in such as
way that it is clear who has which of
those responsibilities
• At all times, one or more of its SMF
managers must have overall
responsibility for each of the
activities, business areas and
management functions of the firm
Board
Head of
Risk
Head of
Finance
Head of
Compliance
Head of
Sales
Head of
Operations
2) Board example
SYSC 4.7/11
• a person having overall responsibility for a function means a person who has
ultimate responsibility (under the governing body) for managing or supervising that
function and primary and direct responsibility for briefing and reporting to the
governing body about that function and putting matters for decision about that
function to the governing body
Board
Chair of
Risk Co.
Head of
Operations
Head of
ComplianceHead of
Finance
Chair of
Rem Co.
Chair of
Audit Co.
Head of
Sales
Non
Exec
Exec
3) Responsibility sharing
Firms should challenge themselves about:
1. Clarity, detail, overlaps and gaps
2. Whether individuals actually understand the extent and
limitations of their shared responsibility
3. Is the sharing of responsibilities necessary and
justified?
4. Guidance in SUP in respect of sharing and dividing
responsibilities when drafting a SoR.
5. In instances where an individual shares a certification
function, each individual performing that function will
need to be assessed. Conversely, where an individual
performs multiple certification functions their fitness
and propriety for each function will need to be
assessed
Statement of
Responsibilities
Responsibilities Map
SYSC 4.7
Group considerations
• Must include details of how the firm’s management and
governance arrangements fit together; detail the extent
to which the firm’s management and governance
arrangements are provided by, or shared with any other
members of its group or others
• A lack of clarity on how the relationship between the
firm and group influences or impacts the firm and the
senior management responsibilities in practice
• A ‘Group Entity Senior Manager’ will be introduced to
bring individuals employed by a parent, holding or other
group undertaking that exercises significant influence
into scope of the regime
• Where a firm reports to a group function that has a
strong influence on the decision making process within
the firm, these functions will usually be subject to the
SMR
Clarity in respect
of group
interaction
Responsibility Maps: Group considerations, management responsibilities and governance
Ongoing considerations
• Initial requirements
• Ongoing requirements
• Exit requirements:
- Senior Managers Regime
- Certification Regime / Conduct Rules
• Duty of responsibility:
- What constitutes reasonable?
- How to demonstrate the steps taken?
- How you should respond if
something goes wrong?
Develop
Implement
Evaluate
Triggers
SM&CR: Common Misconceptions
SM&CR is simply an iteration of
the Approved Person’s regime
SM&CR does not
involve any sensitivities
Minimal crossover
and linkage with other
systems/process
No involvement is needed from other business
areas
SM&CR is owned by
Compliance
PRECISE. PROVEN. PERFORMANCE.
Governance and organisational
requirements: MiFID II interaction with
the SM&CR
Giovanni Giro, Senior Manager
www.moorestephens.co.uk
MiFID II and SM&CR
MiFID II
Corporate governance
Accountability of Management Body
Organisational requirements
Effective from
3 Jan 2018
SM&CR
Senior Managers Regime
Enhanced accountability of individuals
Conduct rules
Extends to all firms
in 2018
Management Body
• New definition of Management Body with extended responsibilities around governance (art. 9 MiFID II):
– Overall strategy
– Governance arrangements and segregation of duties
– Organisation of the firm’s business
– Access to management information
– Oversight of skills and competence of personnel
– Conflicts of interest policy
– Remuneration policy
• Extended application of CRD IV standards to all common platform firms
Members of Management Body
• Individual Members of the Management Body are personally accountable for:
– Sufficient time allocation
– Limited number of other directorships
– Good repute, skills and competence
– Decisions subject to challenge and scrutiny
– Subject to FCA assessment
• At least two executive members in Management Body
• Chairman ≠ CEO
• 1 exec directorship + 3 non-exec directorships
Organisational requirements
• New organisational requirements (art. 16 MiFID II):
– Effective governance arrangements
– Documented decision-making procedures
– Clear organisational structure and reporting lines
– Risk management framework
– Products and services governance policy and stress testing
– Initial and regular competence reviews
– Induction and training
• Management Body supported by Senior Management and independent Compliance and Risk functions
Analogies and overlap with SM&CR
MiFID II
Management Body role and function
Criteria for selection of members of Management Body
Allocation of responsibilities and segregation of duties
Corporate governance structure and arrangements
SM&CR
Requirements for Senior Managers
Enhanced competence and fit and proper standards
Statement of Responsibilities of SMF and Certified Person
Responsibilities map and Certification policy
Key considerations
Review Board composition and selection criteria
Update corporate governance policy
Coordinate MiFID II and SM&CR requirements
Assess skills and competence of all staff
Review individual roles and reporting lines
Management Body ≠ SMF
Training